-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 09/10/2014 10:29 AM, Johnny Hughes wrote:> On 09/10/2014 09:58 AM, Steven Stern wrote:
>> My C7 system has mariadb 5.5.37, installed from the Centos
>> repository. The latest version (with a security update is
>> 5.5.39). Mariadb.org has its own repositories, but they don't
>> list Centos 7 as an option. Is anyone using the repository for
>> Centos 6 with Centos 7?
>>
>> See
>>
https://downloads.mariadb.org/mariadb/repositories/#mirror=jmu&distro=CentOS&distro_release=centos6-amd64&version=5.5
>>
>>
>
>>
> Red Hat does backporting for updates, and CentOS rebuilds that
> backported code.
>
> If you look at the security issues you are talking about in mariadb
> 5.5, you will see that they are ROLLED IN already:
>
> https://rhn.redhat.com/errata/RHSA-2014-0702.html
>
> But backported in the current version.
>
> (The list of CVE's patched is on that page)
>
> If you have other questions about backporting, read this:
>
> https://access.redhat.com/security/updates/backporting
>
> So the short message is, if you want to know if a CVE fix is
> included, you can see on the errata page or here:
>
> https://access.redhat.com/security/cve/
>
> All the CentOS announcements are here:
>
> http://lists.centos.org/pipermail/centos-announce/
>
> Thanks, Johnny Hughes
Thanks for the excellent (and reassuring) response.
- --
- -- Steve
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJUEG9UAAoJEDx7wfUw/4IOZtUH+wZnu7PKPP+13cb0YmR4h/qH
O92AOXHevbhtj8FogW7puwLLeyW7ud64d+WctgXXkctkXEEbIakigFmBGryXfHiy
FrPquQxKutZTWQ6UYwvhd4huFKv3PrBrmwjzOrcD1yA8N58tUw+yWdsd8hKvxp+I
oNhxllHQdU9G1Wb9oGtbYIcQL1hhCkLj5Oh6e3ExVwVLXVcPb+/WMuZRp8yP/cAy
DVa1wTM0oolexY+ZMAVNmGQxvx8nL9xEoXDTkQ6F2b9WXo7Dh+7W2TvTWwT+88Fj
6IBduDMuT8IOLduw9upeFodh27L/VY/LFX85HvpGIPFfxVZ2BEfjgJuCkyHKr84=JO4x
-----END PGP SIGNATURE-----